Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/xAY2KK-HQjaLjOiy3SHcg5Yq2Vw.roa
File: xAY2KK-HQjaLjOiy3SHcg5Yq2Vw.roa (raw, json)
Hash identifier: wpF7ONvlh4HWErKLvh3u9kFUH2M54A3LUAZkTUufnqQ=
Subject key identifier: C4:06:36:28:AF:87:42:36:8B:8C:E8:B2:DD:21:DC:83:96:2A:D9:5C
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 01904E7340B261CF851632E47B30ED73EBF0
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/xAY2KK-HQjaLjOiy3SHcg5Yq2Vw.roa
Signing time: Tue 25 Jun 2024 08:11:34 +0000
ROA not before: Tue 25 Jun 2024 08:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48467
IP address blocks: 94.228.160.0/24 maxlen: 24
94.228.167.0/24 maxlen: 24
94.228.170.0/24 maxlen: 24
94.228.171.0/24 maxlen: 24
94.228.172.0/22 maxlen: 22
178.236.240.0/23 maxlen: 23
178.236.242.0/24 maxlen: 24
178.236.245.0/24 maxlen: 24
178.236.248.0/22 maxlen: 22
178.236.252.0/24 maxlen: 24
178.236.255.0/24 maxlen: 24
185.46.44.0/22 maxlen: 22
185.46.44.0/23 maxlen: 23
185.46.44.0/24 maxlen: 24
185.46.45.0/24 maxlen: 24
185.46.46.0/23 maxlen: 23
185.46.46.0/24 maxlen: 24
185.46.47.0/24 maxlen: 24
2a02:2070::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:73:40:b2:61:cf:85:16:32:e4:7b:30:ed:73:eb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Jun 25 08:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4063628af8742368b8ce8b2dd21dc83962ad95c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:6e:56:e5:bd:25:64:bd:af:a2:30:8a:c8:
b9:9b:2c:62:a4:3e:3a:aa:28:32:33:53:36:2f:4a:
95:be:ba:af:e5:23:35:d2:d4:11:64:3e:d3:bb:55:
ab:13:be:26:2f:2b:6d:b9:f5:50:76:ca:1c:d1:e3:
a0:f2:89:9d:0e:42:49:f7:60:1f:8b:9d:61:de:d4:
d8:21:bc:1f:96:e6:67:2a:80:03:63:19:e6:6d:6b:
fc:17:6f:bf:cc:93:38:c6:f4:29:c4:84:d6:3e:02:
22:cf:db:ac:0c:7e:37:3a:9a:a3:76:e1:aa:fb:fc:
91:1c:75:12:2c:c1:6f:0c:4b:86:5c:a6:28:df:66:
74:b1:1a:5e:80:00:9d:30:92:8b:6f:72:be:d3:11:
48:a3:6a:75:29:03:35:f8:ca:9b:5e:e7:97:07:2d:
2e:3c:73:dd:7a:e8:90:d0:47:aa:e0:e0:c3:02:04:
44:40:72:53:ca:50:7d:04:f6:a9:dd:14:9a:06:46:
24:7c:54:bd:b6:66:ce:03:49:6f:7b:50:1e:05:fc:
66:53:50:6f:64:cb:0b:42:c9:f1:10:27:4e:b7:e2:
66:09:aa:de:2d:18:e2:39:89:5c:28:17:d1:35:f6:
64:ea:c5:3d:31:8a:80:1a:ec:3d:24:e1:e4:6b:cc:
47:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:06:36:28:AF:87:42:36:8B:8C:E8:B2:DD:21:DC:83:96:2A:D9:5C
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/xAY2KK-HQjaLjOiy3SHcg5Yq2Vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.160.0/24
94.228.167.0/24
94.228.170.0-94.228.175.255
178.236.240.0-178.236.242.255
178.236.245.0/24
178.236.248.0-178.236.252.255
178.236.255.0/24
185.46.44.0/22
IPv6:
2a02:2070::/32
Signature Algorithm: sha256WithRSAEncryption
9e:1d:6a:f6:21:b3:d8:f1:62:74:03:0a:b6:73:6e:a9:9b:3e:
cc:c9:64:ea:a4:1d:97:44:31:3f:c7:11:0d:51:d0:a1:22:3f:
d2:fa:57:19:48:19:ce:c2:11:88:15:42:6a:4d:b3:1d:8e:68:
b0:22:c0:a6:86:62:5c:58:c0:57:43:8c:44:bd:d2:38:33:9d:
63:5a:c2:40:c9:5e:91:97:8e:30:f3:1d:57:43:7e:32:d3:40:
da:88:37:c5:f9:64:3e:e1:9b:15:dd:e4:88:c9:ca:a5:95:11:
bb:2e:41:b6:e6:de:52:ce:64:e4:dc:cc:bf:28:3d:7c:cf:d6:
22:00:df:65:3e:18:3e:7f:91:ff:ff:14:d2:07:0f:11:69:5a:
d2:2c:2f:8e:21:15:1d:70:51:29:69:05:e4:ee:63:98:de:e8:
3f:22:2f:f6:f6:e5:17:1b:6e:60:c1:4b:bd:d4:a1:22:61:49:
17:f1:c8:95:96:de:b4:f8:b7:8f:f1:f7:d6:c9:71:14:92:c6:
db:77:a1:0f:25:17:af:2a:0d:41:52:97:00:b2:bd:2c:ed:3f:
11:41:d7:70:dc:1f:02:0d:35:7f:68:12:0b:71:11:83:3a:15:
92:9a:20:29:3f:ad:97:09:75:75:bc:15:29:4b:3d:58:8c:fa:
60:32:74:d8
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZBOc0CyYc+FFjLkezDtc+vwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjQwNjI1MDgxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA2MzYyOGFmODc0MjM2OGI4Y2U4YjJkZDIxZGM4Mzk2MmFkOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZluVuW9JWS9r6Iwisi5myxipD46
qigyM1M2L0qVvrqv5SM10tQRZD7Tu1WrE74mLyttufVQdsoc0eOg8omdDkJJ92Af
i51h3tTYIbwfluZnKoADYxnmbWv8F2+/zJM4xvQpxITWPgIiz9usDH43OpqjduGq
+/yRHHUSLMFvDEuGXKYo32Z0sRpegACdMJKLb3K+0xFIo2p1KQM1+MqbXueXBy0u
PHPdeuiQ0Eeq4ODDAgREQHJTylB9BPap3RSaBkYkfFS9tmbOA0lve1AeBfxmU1Bv
ZMsLQsnxECdOt+JmCareLRjiOYlcKBfRNfZk6sU9MYqAGuw9JOHka8xHwwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFMQGNiivh0I2i4zost0h3IOWKtlcMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEveEFZMktLLUhRamFMak9peTNTSGNnNVlxMlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAXuSgAwQA
XuSnMAwDBAFe5KoDBARe5KAwDAMEBLLs8AMEALLs8gMEALLs9TAMAwQDsuz4AwQA
suz8AwQAsuz/AwQCuS4sMA0EAgACMAcDBQAqAiBwMA0GCSqGSIb3DQEBCwUAA4IB
AQCeHWr2IbPY8WJ0Awq2c26pmz7MyWTqpB2XRDE/xxENUdChIj/S+lcZSBnOwhGI
FUJqTbMdjmiwIsCmhmJcWMBXQ4xEvdI4M51jWsJAyV6Rl44w8x1XQ34y00DaiDfF
+WQ+4ZsV3eSIycqllRG7LkG25t5SzmTk3My/KD18z9YiAN9lPhg+f5H//xTSBw8R
aVrSLC+OIRUdcFEpaQXk7mOY3ug/Ii/29uUXG25gwUu91KEiYUkX8ciVlt60+LeP
8ffWyXEUksbbd6EPJRevKg1BUpcAsr0s7T8RQddw3B8CDTV/aBILcRGDOhWSmiAp
P62XCXV1vBUpSz1YjPpgMnTY
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:22 2024 by rpki-client on console-ams.rpki-client.org